Lucene search
Veracode Vulnerability DatabaseVERACODE:12832HistoryJan 15, 2019 - 9:22 a.m.
Cross-site Scripting (XSS)
2019-01-1509:22:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15
EPSS
0.002
Percentile
64.8%
mailman is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists as the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
References
packetstormsecurity.com/files/159761/Mailman-2.1.23-Cross-Site-Scripting.html
www.securityfocus.com/bid/104594
access.redhat.com/errata/RHSA-2018:0504
access.redhat.com/errata/RHSA-2018:0505
access.redhat.com/security/updates/classification/#moderate
bugs.launchpad.net/mailman/+bug/1747209
lists.debian.org/debian-lts-announce/2018/02/msg00007.html
usn.ubuntu.com/3563-1/
www.debian.org/security/2018/dsa-4108
www.mail-archive.com/[email protected]/msg70375.html
Related
centos
centos
mailman security update
2018-03-14 14:47:13
mailman security update
2018-03-14 14:49:06
debian
debian
[SECURITY] [DSA 4108-1] mailman security update
2018-02-09 10:29:18
[SECURITY] [DLA 1272-1] mailman security update
2018-02-09 02:32:55
[SECURITY] [DSA 4108-1] mailman security update
2018-02-09 10:29:18
cvelist
cvelist
CVE-2018-5950
2018-01-23 16:00:00
nessus
nessus
RHEL 7 : mailman (RHSA-2018:0505)
2018-03-14 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : Mailman vulnerability (USN-3563-1)
2018-02-09 00:00:00
RHEL 6 : mailman (RHSA-2018:0504)
2018-03-14 00:00:00
oraclelinux
oraclelinux
mailman security update
2018-03-13 00:00:00
mailman security update
2018-03-13 00:00:00
ubuntu
ubuntu
Mailman vulnerability
2018-02-08 00:00:00
openvas
openvas
CentOS Update for mailman CESA-2018:0505 centos7
2018-03-15 00:00:00
Debian: Security Advisory (DLA-1272-1)
2018-02-20 00:00:00
CentOS Update for mailman CESA-2018:0504 centos6
2018-03-15 00:00:00
redhatcve
redhatcve
CVE-2018-5950
2019-10-11 09:27:43
prion
prion
Cross site scripting
2018-01-23 16:29:00
mageia
mageia
Updated mailman packages fix a security vulnerability
2018-03-30 00:00:32
freebsd
freebsd
Mailman -- Cross-site scripting (XSS) vulnerability in the web UI
2018-01-20 00:00:00
debiancve
debiancve
CVE-2018-5950
2018-01-23 16:29:01
amazon
amazon
Medium: mailman
2018-04-05 16:09:00
Medium: mailman
2018-04-05 16:46:00
packetstorm
packetstorm
Mailman 2.1.23 Cross Site Scripting
2020-10-29 00:00:00
cve
cve
CVE-2018-5950
2018-01-23 16:29:01
ubuntucve
ubuntucve
CVE-2018-5950
2018-01-23 00:00:00
redhat
redhat
(RHSA-2018:0504) Moderate: mailman security update
2018-03-13 15:17:39
(RHSA-2018:0505) Moderate: mailman security update
2018-03-13 15:18:22
osv
osv
mailman - security update
2018-02-09 00:00:00
mailman - security update
2018-02-09 00:00:00
nvd
nvd
CVE-2018-5950
2018-01-23 16:29:01
exploitdb
exploitdb
Mailman 1.x > 2.1.23 - Cross Site Scripting (XSS)
2020-10-29 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: mailman-2.1.21-8.fc27
2018-03-16 16:45:42
rosalinux
rosalinux
Advisory ROSA-SA-2021-1913
2021-07-02 17:27:17